package com.aaa.controller;

import lombok.extern.slf4j.Slf4j;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.security.Principal;

/**
 * -*- coding:utf-8 -*-
 *
 * @author 太阳偷渡青山
 * @software IntelliJ IDEA
 * @date 2022/12/30 10:08
 * @Description
 */
@RestController
@RequestMapping("user")
@Slf4j
public class UserController {

    /**
     * 第一种:
     * 容器会自动注入给参数为 Principal的参数
     *
     * @param principal 主要
     * @return {@link Principal}
     */
    @GetMapping("info")
    public Principal info(Principal principal){
        return principal;
    }

    /**
     * 第二种：
     * 用户登录后，会把用户信息存放在SrcurityContext中。
     *
     * @return {@link Object}
     */
    @GetMapping("info2")
    public Object info() {
        // 获取上下文对象
        SecurityContext context = SecurityContextHolder.getContext();
        // 用户的认证信息都封装到 Authentication
        Authentication authentication = context.getAuthentication();
        return authentication;
    }

    @GetMapping("insert")
    @PreAuthorize(value = "hasAnyAuthority('user:insert')")
    public String insert() {
        return "用户添加操作！！！！";
    }

    @GetMapping("delete")
    @PreAuthorize(value = "hasAnyAuthority('user:delete')")
    public String delete() {
        return "用户删除操作！！！！";
    }

    @GetMapping("query")
    @PreAuthorize(value = "hasAnyAuthority('user:query')")
    public String query() {
        return "用户查询操作！！！！";
    }

    @GetMapping("update")
    @PreAuthorize(value = "hasAnyAuthority('user:update')")
    public String update() {
        return "用户修改操作！！！！";
    }

    @GetMapping("export")
    @PreAuthorize(value = "hasAnyAuthority('user:export')")
    public String export() {
        return "用户下载操作！！！！";
    }
}
